Failing to exploit some machines

I have a problem. I created an environment that I expect to attack. I'm using 4 computers: one with BackTrack (the attacker), and the others are using Windows 7, Windows XP and Linux CentOS.

What I want to do is get full access to those computers. Well, all computers are fully patched, I mean no ms08... exploits will work. I know I can exploit the XP machine that way, but I want to perform an advanced attack. What I thought would work was using the "java_rhino" exploit.

1) I spoofed the ARP table of all computers, so all the traffic passes through the BT machine. I used:

2) With Armitage I found all the computers I want to get access to. I had to disable the firewall on the Windows machines since I don't know how to get through the firewall with ICMP packets (if anyone wants to help me with that too, I would be grateful).

3) I started the "java_rhino" exploit. The victims need to get to the "website" "http://192.168.1.100:53/" so I can get the attack done.

Re: Failing to exploit some machines

What I would suggest is that you try running a web server (BackTrack comes with Apache out of the box) and then see if that works. The reason I say that is because a browser goes to port 80 on a machine and tries to load it, but without anything listening on port 80, your BT machine will just silently ignore it. Correct me if I'm wrong, but that's what I would suggest.

Re: Failing to exploit some machines

First of all, make sure the DNS spoofing actually works.
Try spoofing google.com to the Apache server on your machine just to make sure.

If that works, try entering www.google.com:53 with DNS spoofing and without the iptables in the victim browser? Does this work?
And why does your exploit server run on port 53? Can't you change that?
I know DNS uses port 53. Might this maybe cause some kind of a problem?

(\ /)
( . .)
c(")(")

This is bunny.
Copy and paste bunny into your signature to help him gain world domination.